[qubes-users] Ghidra Malicious Checker
Are you going to integrate this into ROOTKIT checker or something similar to scan all potential software or file that may be dangerous? Reference Source Link: https://ghidra-sre.org/ FOOTER Express Actual Notice: This message is deemed private or confidential. Unless for criticism or news-report or research or scholarship or teaching or comment or opinion, this message may also be deemed copyright. Due to existence of sophisticated data collection programs globally, assume or presume by default that all digital data associated with this account is subject to intercepts, storage, surveillance or monitoring by intelligence systems and agencies, anytime or anywhere regardless of privacy or security or encryption (EO10995). Sender(s) or agent(s) accepts no liability for any message(s) or its attachment(s). All typing errors are not intended or intentional. Keep sent attachment size less than inbox size of 1 GB. Without Prejudice. All Rights Reserved. Special Deposit. You are receiving this may due to possible time zone conflicts & to reduce and save forever paper, ink, phone minutes, fax, travel fuel and national-international mail postage expenses, excluding incurred data costs. Sent with [ProtonMail](https://protonmail.com) Secure Email. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/n_NJWXcLTMMRvzg2tsVHub4sXBPTmNmTtf8jdsEKNC9MrY0wlvWPmlFnTbQaq0fVpv5tW5ahjwKSOmAGBXHoObTX0aflzddJ63lrLZ8%3D%40protonmail.ch.
Re: Antw: [EXT] [qubes-users] To the Qubes developers (German translation) - An die Qubes Entwickler (Übersetzung auf Deutsch)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Mon, May 04, 2020 at 06:48:34PM -0500, Sven Semmler wrote: > Haven't tried to install anything in German for the last 20 years, but I > would assume that Fedora and Debian have German versions. There is 'system-config-language' in Fedora. You might want to play with it in a Fedora template. /Sven - -- public key: https://www.svensemmler.org/0x8F541FB6.asc fingerprint: D7CA F2DB 658D 89BC 08D6 A7AA DA6E 167B 8F54 1FB6 -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEE18ry22WNibwI1qeq2m4We49UH7YFAl6wrH4ACgkQ2m4We49U H7YWVhAA05CH0kBuFMMysMN/wVIYc90MxPZ+5rC49aJmjzeuNIeVFLze1wD3ZK7S qlmX7LpHUbXMkWWwAIAzVgwH7JAwTd2G7kubu8InsHqSHAtnQZMalxEYg7aZ37lW WEpYRTnB5f21Asavr+TWetSySnpHn5cutol80L4wEpBClRKNFc2x0JanH18XJzCM rvA3ZG3elMAbZDWbL6Eo6I8dVHFMVaX5I0v2mfjdFD8FD0rH1AEEzocIOAXQlIa+ ApcVcBPiUQxMA/U8I2tsvSKrgWXBORwa5I1b2qylVkTi1QMiIKN2qypCalJ1ywZ5 uW9h7zZ+cqmMz2cKRed66nilQsKQxJhkk2NfpjyKB/RixA++LO4ZQb3GgbtgQFD9 XCR0FjozPTDScBEc2ppKFpUvLLv+0GMnyV2Q0SYmo+IRhvDFJj8H/rLkQIyJEJ0A lxDTL2KDa5XlBycyZfb2oT19PXAlQjtl7tNOFJ9iBDOJ8sQ8lyuRuQTHBdSNa2LK UEQC8yTYUPyur4XoGEs3RKxVhhdxrJZR3MvtjflhCt85fldZSmJXtaVx8YGH2nB6 xjVBNu2DzlZEMuzUX5yvhZsee663E34w5QEMTbieEqBWHqvnNqYYFmbbpagIB968 16SgnLhTlkkFkPZ8ljXlNvUzSbb3D09oq7XVzGxVVUZDYAgq3IM= =euKk -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20200504235958.GE3029%40app-email-private.
Re: Antw: [EXT] [qubes-users] To the Qubes developers (German translation) - An die Qubes Entwickler (Übersetzung auf Deutsch)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Mon, May 04, 2020 at 11:40:35PM +0200, haaber wrote: > I'd be ready to share a part of the translation work. Me too. > One of the questions is wether standard linux-messages could be > "imported" from other linux language-packs into qubes - to build > a starting set. That would solve the overwhelming part of the > texts, to my belief: there is not so much completely qubes-specific, > is there?? I agree. There should already be German versions of Xfce for Fedora 25 (dom0). What's left then are the tray menus and the Qubes Manager. All the applications come from the templates. There should be localized versions of Fedora / Debian with German versions of the common Gnome tools etc. ... right? Haven't tried to install anything in German for the last 20 years, but I would assume that Fedora and Debian have German versions. /Sven - -- public key: https://www.svensemmler.org/0x8F541FB6.asc fingerprint: D7CA F2DB 658D 89BC 08D6 A7AA DA6E 167B 8F54 1FB6 -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEE18ry22WNibwI1qeq2m4We49UH7YFAl6wqdMACgkQ2m4We49U H7aTYxAA5Jes+y0hD21Zo1MU8V4pWjZJMQTMnld5Z9B+qMbxJersV8TsVPIyTaDv tR7bdSAko/pCe3p4pDOMYkHB6CYeGxBEWyiWV/MQIYlTLtNUivahv4u7zHNI0dCH FLRhuHT13XlFJWtH5lKsf9NEmTihO+aC0Sde3Qaule2SvY/1coP/K9l1/tGcR2ud BEzNxVx5pL0HxGp212ERlasGkDUfRiO+NEn3j7iqA4eIiky0ZWPH2C7wsANy8L9u XLF4BfhwgVtITjb/0FhtghMCK7ANwTexVcZwaKjH0rijJdGpaqn5JhoNaeHyQ5To hw5sd0YiDmqmm7cYjQFtbbn24bvEaLXt9OwfSJRYV+DlNEPOdNx2nv8cYgUVOfzv JiZU0LUEBDt8SKlkqo372kFQCALydmp35FQfVkJGmEWmm+5SzRMt/GDL/a7jPO7l G3kW1or+tJOV3oBYBXu++jlyS7fSh8K/OMW4sCWJlRikdAP1iYlC2clleWQ5yePw nxEfH1a0ACPghYm92kap8VbhCJGgAxHUGYphtW9xSYDtBpiezNqQEoKqZCil//eQ 5BVjREHPlI9+Jd6TGknh+gV9jZrHipH1l3RAsOeFxWsWM06dpS7EhO+fgaB8xD5m 0J0TGE6MlkuzP0cndLAhQrCLeha5UG4AFP49E3uY0ztOcJtXDM0= =DYlf -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20200504234834.GD3029%40app-email-private.
Re: Antw: [EXT] [qubes-users] Re: Erste deutsche Rezension von Qubes OS auf Youtube
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Mon, May 04, 2020 at 09:50:31PM +0200, Ulrich Windl wrote: > Sorry, the problem with Windows is that it was designed for stupid people, > just to sell more copies. I'll simply assume this is more a statement of frustration then a serious attempt to explain anything. > I severely doubt you can convince the typical Windows user to use QubesOS for > daily work. "Security" is not a product you can buy, and "security" is the > "is the opposite of "comfort". Security and comfort are more like two opposing poles of a continuum. Personally I do think Qubes does a rather excellent job of demonstrating "reasonable security". It is rather unrealistic (at this point) to expect the average user to install and configure Qubes correctly - agreed. However I can imagine it being used by average users in a government/business context with a normal amount of training (they would received for any other newly introduced solution too). Actually once installed and configured correctly there isn't much difference at all. You'd have to teach them to - pay attention to the color of the window frame - how to use copy/paste - how to move files between domains - how to attach USB devices and when that's OK and when not* *e.g. webcam/mic for conferencing = OK, USB stick to confidential domain = Not OK etc. > People want comfort not security. Why else would they use Alexa or Google > assistant or Siri, dubious password managers, etc.? Sure. This is all about context. Qubes for private use without the user recognizing the need is unrealistic. And even with the ones recognizing the need Qubes in it's current from might not be there quite yet. However, efforts like the preconfigured Privacy Beast are a very encouraging step in that direction. /Sven - -- public key: https://www.svensemmler.org/0x8F541FB6.asc fingerprint: D7CA F2DB 658D 89BC 08D6 A7AA DA6E 167B 8F54 1FB6 -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEE18ry22WNibwI1qeq2m4We49UH7YFAl6wpyMACgkQ2m4We49U H7ZTuw//d9HRr3in3+O6qPaFCu9peYftsx1eFGDc2WpYoabfuYJwk/lOyUk1hCgN NkjYZ1ggHTqQbh7OZjD4lkm/0AcUYjMKwTNT3UhHs9dxvBTBiLjt8O/tRkdteBKm bf2yT4T0h7OgaHvEU8eYClH6sRgNIF+fiVk3pgLsAvM2JRF1VHaRak1/6Df3mD8i mlmpekTnfn/fmOfgjG2+ciXx/s0D0GRtidOwm3sgSBOhaD6GLQmlBURaRSMNoqR0 6U6S31ax51cIBTaGXYMLh0rVvE2ell/YUp+KFNgaFeGvWrTLkP/NoI2adwc49U+w hwo5Wp1Mwheh7td2QJMijFIV9xNeoP+WgKeYGddUf8E/uMzDKCIiKBKfbOypZ7ED bkZiDGmzzKHZb1/X81pFk+docmSBJqbB6cMSWCwvc38qj0Gsjz/4tHESzoQ5N+Xz pofk8k9GR/u832wnWE/b0n139ZWJOAmDDukwojrDyIA2nu9V4+NTXwWMoap30xhb DNb7/dIdXnk9GV2h/9HZvVcSpQEhQo8vzdw76GoUfSNilJ/QApqUflKNmrShhgeK xjLYXgInuhog2MsW5DotVZ+fhz9XXc6936oWJk+lKALoGuJUjA83ypD++4xBJEti 5zoIfwm36Ec1szMM1ak2H+DBAy1ouzPLq/JdQDA3ObMAcpYXnFw= =uv1a -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20200504233707.GC3029%40app-email-private.
Re: [qubes-users] Re: connecting an iPhone to a AppVM - 4 non-working attempts
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Sun, May 03, 2020 at 10:01:40PM +0100, lik...@gmx.de wrote: > Signal processing controller: Intel Corporation Sunrise Point-LP Serial IO > I2C Controller #0 I happen to have the same chipset you have. But I have never attempted to attach the Signal processing controller (dom0:00_15.0) to Windows ... what's your use case? To make your iPhone play nice with Windows/iTunes only the USB controller (dom0:00_14.0) is required. > I installed the USB drivers from Lenovo as I'm assuming that there will be a > pass trough. Unfortunately, this doesn't work. Windows still is looking for > drivers and doesn't find them. I am running the "Intel USB 3.0/3.1 eXtensible Host Controller Driver" Version 5.0.4.43 downloaded directly from the Intel website. https://downloadmirror.intel.com/22824/eng/Intel(R)_USB_3.0_eXtensible_Host_Controller_Driver_5.0.4.43_v2.zip /Sven - -- public key: https://www.svensemmler.org/0x8F541FB6.asc fingerprint: D7CA F2DB 658D 89BC 08D6 A7AA DA6E 167B 8F54 1FB6 -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEE18ry22WNibwI1qeq2m4We49UH7YFAl6woloACgkQ2m4We49U H7ZaRw//ceNZIn6+9KzkhSldruKhaYiYP+T6dh1YKOQiImEw6l143xFq2Z0oOpzY qZiPNIPhwz/3Zg2ZoMzwQaOcSBiHnl0O0Fn7TxfAl52CKuUhlSLdMHk5lctc9G7r qN4cvE2hjUae7ET8AEzn9PnoTC/UeddQG6OtWU2VJHZeI+c+ToxWvNd042Q98lz6 /L4jxSc9TL2jJy0RCxgBiZeWSEIQGJ51xYgFRurfvtE1O4OtdBoHXuQqCWRcCRJr lZfgEiVnUXJGjpzkLowL2dMwTZ1DTauGDkSlPp3PigFVlSgDb/pOU69E12jFSVfn V3dOLuk4SnhbjAiH7AcXxlUBQECEDzI8s4XY4NlmeoNQ2IJCQojNcfQX2fCLfbwL WFpsdlt9RvaYkj6P4ZCc/ZDI628A9nLW1ruQAE9L0wfBxErAQp6n7xGBCh0g38/Q 3WZCA54Cxr+0U2HrnAegL72W8EuWSAUzwz4njIICMbWjxNj89zsn7b3wDfUkh/AM ry7XJ+YMQALKJT3IEjQZb+ovjt/l2cXEpiElCKSWQ8FLkoYIwy9gqMuFCkEX7SD7 dEwhkvVJ1WRJwrHBwaDOt94cao2GKbUnupinKdNo8GJoabbXP/8+MFMjKQOPwdnd UDuk+G7ZnArN5pDukkD+iHjQUBjDM3Lasevz9ded7Tb/ieU3uIE= =vp1j -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20200504231641.GB3029%40app-email-private.
Re: Solved: [qubes-users] external CD writer
On Mon, May 04, 2020 at 11:21:18PM +0200, Olaf Klinke wrote: > Where in the documentation is that stated? The manpage of qvm-device > does not mention this. The only hint is that all examples of qvm-usb in > the documentation show sys-usb as backend. for example in the documentation about usb devices: https://www.qubes-os.org/doc/usb-devices/ "Note: you cannot pass through devices from dom0 (in other words: a USB qube is required)." > 3. Putting the USB keyboard in a qube can and has locked users out of > their systems. forgetting their luks passphrase and careless use of fdisk also can and has locked people out of their systems. doesnt mean we remove disk encryption or all tools that can write to a disk in the wrong place. disabling autostart for the usbvm that has your keyboard is a pretty solid way to avoid locking yourself out hard. and shooting your own foot with it every now and then tends to be educational, just like remote administration of firewalls. :D > 4. If possible, keep the input devices (and only those) attached to > dom0 while attaching all others to sys-usb. i would put _all_ usb controllers into usbvms, even the one(s) used for privileged devices. you still need to make sure that the kbd one is attached to dom0 during boot though. > Luckily I seem to have two USB controllers for my peripheral USB ports, > so I can easily separate input- from other USB-devices. Is (4) i recommend you check if this is actualy the case. there are some _really_ weird USB setups where it looks like different controllers, but it is really just multiple pci devices on the same physical controller. and usb devices plugged into the same usb port end up on one or the other "controller" depending on speed negotiated. my check would be to configure different usbvms for each controller, then plug around some devices between physical ports and see in which vm they end up, and keep notes on that. > possible/recommended? The documentation shows how to hide _all_ USB > controllers from dom0, so I assume one can also choose to hide _some_. https://github.com/QubesOS/qubes-core-admin-linux/blob/master/dracut/modules.d/90qubes-pciback/qubes-pciback.sh rd.qubes.hide_pci=01:23.3,05:67.8 google is hard? perhaps you should consult a data scientist or so? :P -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20200504221655.GH987%40priv-mua.
Re: [qubes-users] Me (anon-whonix AppVM) -> Tor -> VPN, settup with Mullvad VPN
On 5/2/20 6:54 AM, unman wrote: On Sat, May 02, 2020 at 08:22:57AM +, taran1s wrote: unman: On Fri, May 01, 2020 at 11:54:27AM +, taran1s wrote: taran1s: Chris, I tried now to connect to the kraken.com, which seems to be tor unfriendly through me->tor->VPN->kraken.com but it returns error on the site "Disabled". I learned now that despite I use the above connection model, using VPN as an exit, I still exit from the tor exit not and not from the VPN. I am not sure what broke. If I understand your model: me->tor->VPN->kraken.com you are running Tor *through* your VPN - this means that your service provider sees your connection to the VPN, and your VPN provider sees your connection to the first Tor hop. Naturally, when you exit the VPN and set up the TOR circuit, it's a Tor exit node that connects to kraken. The VPN is NOT an exit in this model. Nothing has broken. I am actually using mullvad VPN. The idea is to have the possibility to access websites or services (like kraken.com) that are not tor-friendly. I would like to connect first to Tor through sys-whonix than connect to the VPN through VPN AppVM and from that VPN to connect to the clearnet. I set the AppVMs networking following way: anon-whonix networking set to -> sys-whonix networking set to -> VPN-AppVM proxy that connects to the clearnet. Is that right for my model? No. Think about it. anon-whonix creates a request. sys-whonix takes that request, and builds a circuit. VPN-AppVM sees the traffic to the first hop, and sends it down the VPN. The VPN provider gets the Tor traffic, and sends it on to the first hop. Then it goes via Tor to the exit node and then to the target. Your ISP sees traffic to the VPN; the VPN provider sees traffic from you going to Tor; the target sees traffic coming from Tor network. *Always* use check.torproject.org to confirm your exit IP in this sort of case (always) so that actual matches expectations. What you have built (in packet terms) is: me - Tor - VPN - target. What you seem to want is: me - VPN - Tor - target To do that you need to build the VPN traffic and send it down a Tor circuit. Your Qubes network configuration should be: client - VPN qube - Tor qube - sys-firewall - sys-net A good rule of thumb is that whichever proxyVM is directly attached to your appVM will be the type of network that the remote service sees. I have no idea if Whonix will let you do this. This should work for most VPNs, as Patrick and I and others have tested it (though I haven't tested Whonix specifically with Mullvad). The only constraint is that the VPN use TCP instead of UDP. -- Chris Laprise, tas...@posteo.net https://github.com/tasket https://twitter.com/ttaskett PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6c8f7629-8bdf-a098-cd5c-7ee6207895bd%40posteo.net.
Re: Antw: [EXT] [qubes-users] To the Qubes developers (German translation) - An die Qubes Entwickler (Übersetzung auf Deutsch)
... and it would be fun finding out what the fixed points of those translations are. I agree that a full translation would be an awful lot of work. But for starters I'd be happy with a translation of the qubes manager and of application names in the qubes menu (e.g. "document viewer"). That is all my wife is going to see once I set her up a qubes machine. Of course it is horrible to have an OS which is a mixture of two languages. But translating the bits you deal with most often would aid usability tremendously, wouldn't it? I'd be ready to share a part of the translation work. One of the questions is wether standard linux-messages could be "imported" from other linux language-packs into qubes - to build a starting set. That would solve the overwhelming part of the texts, to my belief: there is not so much completely qubes-specific, is there?? Alles Gute, Bernhard -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/0036ac17-364b-cc6c-b5be-30e4fc7c323a%40web.de.
Re: Solved: [qubes-users] external CD writer
On Sat, 2020-05-02 at 23:25 +0200, dhorf-hfref.4a288...@hashmail.org wrote: > On Sat, May 02, 2020 at 11:01:06PM +0200, Olaf Klinke wrote: > > > I presume dom0 did not recognize the drive as a USB device and > > hence > > refuses to attach as such? `qvm-usb` yields the empty list. > > oh right, you just came full circle: > attaching USB devices is not going to work without a usbVM. > Where in the documentation is that stated? The manpage of qvm-device does not mention this. The only hint is that all examples of qvm-usb in the documentation show sys-usb as backend. > > > The only remaining question is: Did I buy a shitty drive or will > > any > > external CD writer behave this way? > > no, you just dont have your qubes setup properly. > once you have a sys-usb ... qvm-usb should work just fine. > > for how to do that: see other thread. :P > > > Okay, so let me try to get this straight, for the record. 1. USB generally is bad, it should be avoided or contained. 2. Putting the USB keyboard into one container together with other untrusted USB devices is even worse, since whoever controls your keyboard, controls your computer. 3. Putting the USB keyboard in a qube can and has locked users out of their systems. 4. If possible, keep the input devices (and only those) attached to dom0 while attaching all others to sys-usb. Luckily I seem to have two USB controllers for my peripheral USB ports, so I can easily separate input- from other USB-devices. Is (4) possible/recommended? The documentation shows how to hide _all_ USB controllers from dom0, so I assume one can also choose to hide _some_. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6cae63d2e9b9ca2d08c44b1ed57ba8012cf2154c.camel%40aatal-apotheke.de.
Re: Antw: [EXT] [qubes-users] To the Qubes developers (German translation) - An die Qubes Entwickler (Übersetzung auf Deutsch)
On Mon, 2020-05-04 at 21:38 +0200, Ulrich Windl wrote: > > > > Caroline Villinger schrieb am > > > > 03.05.2020 um > 08:11 in Nachricht > < > 13676_1588486297_5EAE6099_13676_409_1_4a35faa1-f58a-4d47-9818-a852c0f07612@goog > egroups.com>: > > Hello dear Qubes developers, > > > > I would like to ask you whether we can translate the Qubes software > > into > > German. > > Would you be willing to give us all the files we need for the > > translation? > > When we are done with the translation, we would send you the German > > version > > so that you can install it in the Qubes software. > > This means that the user can choose whether he wants to install the > > German > > language or the English language when installing new software. > > > > If you agree, it would be very nice if you could give us an answer. > > Those who are old enough might remember the "LST" (Linux Support > Team) efforts > of translating all Linux kernel messages to German. AFAIK they gave > up long > ago. Most likely because it's a _huge_ amount of work that needs > updates every > release. > Likewise for Qubes: My guess is that you need something like 5000 > hours of > work, and you can be sure: The task cannot be automated. > For example there are different English words that map to the same > German > word, and two different German works may map to the same English > word. ... and it would be fun finding out what the fixed points of those translations are. I agree that a full translation would be an awful lot of work. But for starters I'd be happy with a translation of the qubes manager and of application names in the qubes menu (e.g. "document viewer"). That is all my wife is going to see once I set her up a qubes machine. Of course it is horrible to have an OS which is a mixture of two languages. But translating the bits you deal with most often would aid usability tremendously, wouldn't it? Olaf -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/d1e6a5294fdf05ca6de0adbc64dc00c0413d9473.camel%40aatal-apotheke.de.
Re: [qubes-users] Re: Fedora 30 approaching EOL, Fedora 31 TemplateVM available, Fedora 32 TemplateVM in testing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Mon, May 04, 2020 at 03:30:05PM -0500, Sven Semmler wrote: > On Sat, May 02, 2020 at 10:23:45AM +0200, Olaf Klinke wrote: > > usb until I am more familiar with the inner workings of Qubes OS. If it > > was really unrisky and straightforward scripting, why did the Qubes OS > > installer not offer this choice, let alone just do it? > > The installer does offer the option, it simply isn't selected by > default. I see now, this was in relation to the USB keyboard specifically. I think at some point the idea was that Qubes would be primarily used with laptops (having internal keyboards). But it would certainly be nice if someone had the skills and time to improve the installer in this regard. I fear though that's non-trivial. /Sven - -- public key: https://www.svensemmler.org/0x8F541FB6.asc fingerprint: D7CA F2DB 658D 89BC 08D6 A7AA DA6E 167B 8F54 1FB6 -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEE18ry22WNibwI1qeq2m4We49UH7YFAl6wfGgACgkQ2m4We49U H7ZbHBAAvoQtAGPCJHMO6knT4ltDPPXfq8zi8eYMV4MWBTRejyr9fs5djYkJCygA JW98goa07NGC07aUGf5Dw4lLO/V1ZAxHYNmzK0VUasksADTz7B7nriUpqihaQS9z vzG5iJIs5GEVDlx54UxV7RM3Jspy4o1R/55sOd6oyGHVHd9x2lnvoDct+vsXFgXX 6XyyvXKEQdzzPjwFui4nx949uZHxFEPxXYGvwnb9K8bIiWuyBe70Y+DQaVASV352 Pa1CySN9ebtTKzlQemeJxkdne2V3HpoqvrfisUQawOyPeN6pdnDCMDLlAt+7HZpF f4kqd589gTFKO4hEWlxOhQBbcnjWuPOUyEQ7HVw0xWkuiJ7rYlyiXwJFt9KTJL4s 0KcQmS6+cgyHJy8A7jDIMw9XZm8M1H60CP7yXNzXxKmQ3Fl76H9TH1whAY09KLYl y5psgpiyvDhFpGlfEzaGN4gy53t6Tj4rBC7Q8R2zw8HSZDAlulWM0cO5icla5lBs csU6GKYATY2VNSQPq6J0MBR6AcWghudYBZxCgjiujpkjQF7JyLBIQVdUKMrMiC9/ 03Md9NZWA4CwTf8Ehens7mWLSnr7Pu2FRaHnnpPurxlpCeDR0Na7dmMmnT827cb0 AcXLESmiRTrF/zT5DTWkGZPQLk1jUPesZAHPburE8B2U8hBS5q4= =t0Zh -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20200504203445.GB1474%40app-email-private.
Re: [qubes-users] Re: Fedora 30 approaching EOL, Fedora 31 TemplateVM available, Fedora 32 TemplateVM in testing
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On Sat, May 02, 2020 at 10:23:45AM +0200, Olaf Klinke wrote: > Hearing this, I will postpone following dhorf's advice to create a sys- > usb until I am more familiar with the inner workings of Qubes OS. If it > was really unrisky and straightforward scripting, why did the Qubes OS > installer not offer this choice, let alone just do it? The installer does offer the option, it simply isn't selected by default. After reading and understanding this page in its entirety you should be fine: https://www.qubes-os.org/doc/usb-qubes/ /Sven - -- public key: https://www.svensemmler.org/0x8F541FB6.asc fingerprint: D7CA F2DB 658D 89BC 08D6 A7AA DA6E 167B 8F54 1FB6 -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEE18ry22WNibwI1qeq2m4We49UH7YFAl6we1EACgkQ2m4We49U H7YPzw//Z1jEG3abV31dz84hkqB1lfNHTB4ZN0MUnkV9bInfVbzZTYHPt3jtqFrw CAZOD21JMntKcSHJTNuMn7WBSf/2WXuqWLrTazbHpYzZSCLUULHVK9FNcnboF8WH DI4cQ9F4g2m4Ig1NIuNeJ52TXr1/ZyWR9nMGsMSEoAtrY0zN6TgjuKvjujrtFdPQ 1NfrQ9H3gAq4e54qpEmeINsmfX485dTOxw7OCIFi+7Yq7Ltmm57v9PCn30povq2W kwx5sK5iH6pBSepcZtRGN7qeiTizzOnI5PHDqTTA0FmArK/etVuYWawRiJuxuEFt yHLStNIHwJSCacEKVm4XID0m+nf1eb69gWaDztv2ENVcEPHHLkpKt393JgKE6w81 CTjj5ZkG2zI7pUyYpDddnmgAu8YKGmo4XjQivZLds8FFN074+v1AIbE7kAaHLBju y8hk9gUxt3lRHboZB1vz+IwE56qVUOtWp1WHxsSjXG6uXa/n+WLmQ4idOqT5cfWn L0NveKvvgHnEkZ/vrRKlGw4R/Tohv3nGaMj9XQn3BO/0bHzFASrJWDUZh/wMpWcg MfqtfNyHyUZYYUQnRcyWcDmFJ1xppybJxVJXBOcnayp7ce/r4CVkL90fZoozs3UF PchF2v661eFl2qu2ymFWjToKAgAUWtvrwiKzlWXBmuivw03eOBU= =4ouS -END PGP SIGNATURE- -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20200504203005.GA1474%40app-email-private.
Re: [qubes-users] Removing Template VMs?
On Mon, May 04, 2020 at 12:28:27PM -0700, viktor.ransm...@gmail.com wrote: > If I'd like to remove any old & **unused** Template VMs (e.g. Debian 9, > Fedora 29, etc.) all I have to do is to start the Qubes Manager, select the > template I'd like to remove - and - select 'Delete qube' ... this should not work for templates that were installed by rpm. you will have to use "rpm -e qubes-template-fedora-23" (or similar). this will also require you clean up anything depending on these templates first, like switching all VMs using them to something else, removing related dvm templates ... i recommend to keep your one-generation-outdated mainline-template around (even if it is EOL) if you can spare the diskspace. if you manage to wreck your new mainline template some way, it is easier to recover from that with an outdated than with no template. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20200504202508.GG987%40priv-mua.
Re: Antw: [EXT] Re: [qubes-users] Contradictory measures of disk space in a VM
On Mon, May 04, 2020 at 09:12:59PM +0200, Ulrich Windl wrote: > Is it possible to set a flag that makes fsck do a full filesystem > check on the next boot? > Havent found one for ext3... use tune2fs to set the current-mountcount (-C) to something bigger than the max-mountcount (check with -l, adjust with -c). reading the tune2fs documentation is recommended before use. > If the fs tools don't have that feature (yet), maybe it could be build > into initrd (some flag just causes a full fsck to be performed before > the fileystems are mounted (read-write). they do. how to trigger it depends on your initrd. reading the distro specific initrd documentation is recommended. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20200504201917.GF987%40priv-mua.
Antw: [EXT] Re: [qubes-users] Constant firefox crashes because of Qubes shared memory
>>> Zbigniew Lukasiak schrieb am 04.05.2020 um 14:34 in Nachricht <25184_1588595663_5EB00BCE_25184_83_1_CAGL_UUtUxkCeqF2xj8Fud5Fwj7dfT5GanOYhxmRx6 sonby...@mail.gmail.com>: > marmarek advised me on irc to add more shared memory: > > mount /dev/shm -o remount,size=10G > > and it seems to work. 10G is close to half of that VM's RAM. Qubes was > assigning only 1G previously. Personally I think once your browser uses more than 1GB of memory, it's time to restart it or to restrict scripts from collecting so much information in RAM. > > Cheers, > Zbigniew > > > > > On Mon, Apr 27, 2020 at 9:19 PM Zbigniew Łukasiak wrote: >> >> I am running fedora-30 in an App-VM (not disposable) and I also >> experience the crashes. Not only Firefox, Opera also crashes, while >> Slack app and Thunderbird which also run all the time don't. I >> thought this is because of not enough RAM - but out of frustration I >> assigned 23GB to that machine and it did not help, also top reports >> 10GB free memory now. >> >> In the past I also used Debian and I had those crashes too. >> >> -- >> ZŁ >> >> >> On Mon, Apr 27, 2020 at 1:44 PM donoban wrote: >> > >> > -BEGIN PGP SIGNED MESSAGE- >> > Hash: SHA256 >> > >> > On 2020-04-25 03:00, Guerlan wrote: >> > > I started having constant firefox crashes on my debian9 Qube. I >> > > sent the crash reports to firefox and the said that the problem >> > > occurs because of the shared memory configuration of Qubes, but he >> > > don't know how it's configured. >> > > >> > > Can somebody help me fixing this? How can I enlarge the shared >> > > memory? >> > > >> > >> > I am running fedora-30 and never had this kind of crash with firefox. >> > My AppVms mostly have default 400MB/4000MB and some even less max >> > limit. Maybe is it related to debian-9? Could you test debian-10? >> > -BEGIN PGP SIGNATURE- >> > >> > iQIzBAEBCAAdFiEEznLCgPSfWTT+LPrmFBMQ2OPtCKUFAl6mxaUACgkQFBMQ2OPt >> > CKWONg/8DxzS1fwOIBIbCarULt8buq7tAtFa5pl6gUF2sL9hn6Uboz53TJsf1e8g >> > N75pqb5JjFRaZTf2gGwYkTeAo/HFyWxdEZWRprmWcW/0iLHaB86KzxDRXDaREmEs >> > AWtZTbH7u6lTBx2U3YhPlW3YvBArMeqvdVY3SRIEk3Dl8c/snzMlQ0BQRwAazhmH >> > IoRy2jeSAEvG0U0CXbEdxRmqt5ck9mFCndPZTfCxPoBup02B1QhwjfMZmCh14F0/ >> > zHaUZrHszUtVq5iAj6qe2x/PjY5NsAa15cOlM8I1h672vMxEJdv0WzWEYSdwhzEb >> > i6p/NwtsoeI35DJInedbAk+Z7gTypanqSU23dS9Y77ox7OY+MPuSd+OMNRm+RSl7 >> > 7EVJo+ABg2SoUiX1ESb8Py4zH1jF0EFFOraPbr/N9QppgWVblVBXkW8hAbgwJk6t >> > UoZJo0lHGbDHMj7TTfaU1nhvfwOmoYfiq/oTbs/+mamztUwYjI+jryOOBH+3JgXv >> > MreOm0YH0jsLTMwjVfmxv4zmaSoA7mTwt6gCOpoamq4j9P3onVNgMmo0xcvmTxV0 >> > ReT5BPB1bASPH0vC7Kw+lfZndK/gYrptWAYjuw2Fo/jsh8z4zMUv9ppGe6TFu5kO >> > mnVCBrjP5/ljNtGSYvxUNdzI7L7f3Wn3kOJTcfQfilTyzcdosGk= >> > =+tb9 >> > -END PGP SIGNATURE- >> > >> > -- >> > You received this message because you are subscribed to the Google Groups > "qubes-users" group. >> > To unsubscribe from this group and stop receiving emails from it, send an > email to qubes-users+unsubscr...@googlegroups.com. >> > To view this discussion on the web visit > https://groups.google.com/d/msgid/qubes-users/1670d4bb-ea5b-0ea3-f72e-4284eff > 9b521%40riseup.net. >> >> >> >> -- >> Zbigniew Lukasiak >> https://medium.com/@zby >> http://brudnopis.blogspot.com/ > > > > -- > Zbigniew Lukasiak > https://medium.com/@zby > http://brudnopis.blogspot.com/ > > -- > You received this message because you are subscribed to the Google Groups > "qubes-users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to qubes-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/qubes-users/CAGL_UUtUxkCeqF2xj8Fud5Fwj7dfT5 > GanOYhxmRx6ESonBy3FA%40mail.gmail.com. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5EB0743A02A100038B97%40gwsmtp.uni-regensburg.de.
Antw: [EXT] Re: [qubes-users] Re: disp-vm whonix torbrowser open tabs file?
>>> Catacombs schrieb am 04.05.2020 um 14:18 in Nachricht <24740_1588594718_5EB0081D_24740_209_1_e4ab08ee-0ed4-4089-9427-86850a35c9ea@goog egroups.com>: > ”l have a whonix disposable tor browser whonix vm running with a load of > tabs open, maybe 30 but I can't check the precise amount because the tabs > don't scroll anymore. “ > > > Consider creating a clone of Whonix Template QUBE, make all your Tabs > Favorites. Used to be an option in Firefox to open all favorites. Or there > is an option of what to start when starting Firefox. > Save this template clone for the specific use of having this group of Tabs a > a available all at once. > > ”The browser hangs.” Perhaps increase the memory allocation for the QUBE > that has all the Tabs > > “As soon as I close the browser my tabs will be gone and I don't like to > lose them. > I think there must be a session.json file but that seems to be created only > when the browser closes, and this will close the VM automatically, so even if > a restore file with tabs in it is created, it will be gone upon closure of > the browser. > I can access the file system from within dom0 and could copy any file that I > need. > > Is there any place where whonix tor browser stores its currently open tabs? I think (at least for Firefox) there must be a place where open tabs are stored, because when the machine crashes, Firefox can recover the last session automatically. The other idea I had is the history: Shouldn't all tabs be present in the history, too? OK, if the browser is hanging, it might not help. Did you try to open a terminal for the same DVM (via cubes manager on the VM)? If so, you could try to find out what's going on with the browser (like: "free", "top", etc.). My guess is lack of memory. > > Thanks ahead. > > -- > You received this message because you are subscribed to the Google Groups > "qubes-users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to qubes-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/qubes-users/e4ab08ee-0ed4-4089-9427-86850a3 > 5c9ea%40googlegroups.com. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5EB0739302A100038B92%40gwsmtp.uni-regensburg.de.
Antw: [EXT] [qubes-users] Re: Erste deutsche Rezension von Qubes OS auf Youtube
>>> GWeck schrieb am 04.05.2020 um 14:04 in Nachricht <22855_1588593848_5EB004B7_22855_343_1_8c98f91b-eec7-465e-8b1d-381ad2ea9717@goog egroups.com>: > > A rather good first introduction to the basic concepts of Qubes OS! I hope > this helps spreading the word about Qubes in the DACH countries. > > In Germany, we desparately need a secure basis for IT in many areas where > government and firms currently are using Windows - contrary to privacy > protection laws, and contrary to common sense - see Emotet. Sorry, the problem with Windows is that it was designed for stupid people, just to sell more copies. I severely doubt you can convince the typical Windows user to use QubesOS for daily work. "Security" is not a product you can buy, and "security" is the " is the opposite of "comfort". People want comfort not security. Why else would they use Alexa or Google assistant or Siri, dubious password managers, etc.? > > -- > You received this message because you are subscribed to the Google Groups > "qubes-users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to qubes-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/qubes-users/8c98f91b-eec7-465e-8b1d-381ad2e > a9717%40googlegroups.com. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5EB0720702A100038B8D%40gwsmtp.uni-regensburg.de.
Antw: [EXT] [qubes-users] To the Qubes developers (German translation) - An die Qubes Entwickler (Übersetzung auf Deutsch)
>>> Caroline Villinger schrieb am 03.05.2020 um 08:11 in Nachricht <13676_1588486297_5EAE6099_13676_409_1_4a35faa1-f58a-4d47-9818-a852c0f07612@goog egroups.com>: > Hello dear Qubes developers, > > I would like to ask you whether we can translate the Qubes software into > German. > Would you be willing to give us all the files we need for the translation? > When we are done with the translation, we would send you the German version > so that you can install it in the Qubes software. > This means that the user can choose whether he wants to install the German > language or the English language when installing new software. > > If you agree, it would be very nice if you could give us an answer. Those who are old enough might remember the "LST" (Linux Support Team) efforts of translating all Linux kernel messages to German. AFAIK they gave up long ago. Most likely because it's a _huge_ amount of work that needs updates every release. Likewise for Qubes: My guess is that you need something like 5000 hours of work, and you can be sure: The task cannot be automated. For example there are different English words that map to the same German word, and two different German works may map to the same English word. > > greeting > Erwin > > > > > > > Hallo liebe Qubes Entwickler, > > ich möchte euch fragen, ob wir die Software Qubes in deutsche Sprache > übersetzen können. > Wärst du bereit uns alle Dateien zu geben, die wir für die Übersetzung > benötigen? > Wenn wir fertig sind, mit der Übersetzung würden wir dir die deutsche > Version zusenden, so dass Ihr es in der Qubes Software mit einbauen könnt. > Somit kann der User bei neu Installation wählen, ob er die deutsche Sprache > oder die englische Sprache installieren möchte. > > Wenn du damit einverstanden bist, wäre es sehr schön, wenn du uns eine > Antwort geben kannst. > > Gruß > Erwin > > -- > You received this message because you are subscribed to the Google Groups > "qubes-users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to qubes-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/qubes-users/4a35faa1-f58a-4d47-9818-a852c0f > 07612%40googlegroups.com. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5EB06F1B02A100038B88%40gwsmtp.uni-regensburg.de.
[qubes-users] Removing Template VMs?
Hello community, If I'd like to remove any old & **unused** Template VMs (e.g. Debian 9, Fedora 29, etc.) all I have to do is to start the Qubes Manager, select the template I'd like to remove - and - select 'Delete qube' ... Is this approach OK - or - am I missing something? With kind regards, VR -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a6ef732a-6866-4dad-b378-532643235454%40googlegroups.com.
Antw: [EXT] Re: [qubes-users] Contradictory measures of disk space in a VM
>>> Franz <169...@gmail.com> schrieb am 29.04.2020 um 20:10 in Nachricht <12446_1588183865_5EA9C338_12446_12_1_CAPzH-qB-p_Q3kCn7kGUE8F4=Bsn4mPPrmU-w76NO0 2l7fy...@mail.gmail.com>: > Dear Dhorf, > I tried fsck on dom0, but got the enclosed terror screen. > For me it is enough, I created a new VM, copied content of the old > corrupted one to the new one. Everything works and do not afford to do more > because it is too complicated for my little mind. > But i want to thank you, with your help I understood were the problem is > and for the future I'll avoid to chenge size of a running VM. I understand > it can theoretically be done, but it does not work for me. On the other > hand, it works if the VM is not running. > So thanks Dhorf I appreciate the time you devote for me Hi! While I'd be able to perform the needed fsck, I wonder: Is it possible to set a flag that makes fsck do a full filesystem check on the next boot? Havent found one for ext3... If the fs tools don't have that feature (yet), maybe it could be build into initrd (some flag just causes a full fsck to be performed before the fileystems are mounted (read-write). Regards, Ulrich > > On Wed, Apr 29, 2020 at 9:42 AM wrote: > >> On Wed, Apr 29, 2020 at 08:11:37AM -0300, Franz wrote: >> >> > Did it with Fedora 30, but with exactly the same result >> > But checking other VMs I am getting the same error on some of them :(( >> > So this is a widespread problem. >> >> did you try to google your problem? >> because at this point it is starting to look less of a qubes problem, >> and more like generic filesystem damage. >> >> fsck+repair the volume, then resize it. >> consult the documentation of your favorite distro template on how >> to do this inside the vm. >> you may have to connect to the vm through "xl console" in dom0. >> >> or spawn a fsck-vm, and temporarily attach the volumes to that. >> https://www.qubes-os.org/doc/mount-lvm-image/ >> >> or just fsck+resize from dom0 if you consider the risk of something >> exploiting e2fstools through this acceptable. >> >> >> >> > May it be that this is caused by running Qubes manager / vm settings/ >> > increase private size when the VM is running? Sometimes I get an error >> on >> > that. It may be that this creates a problem that cannot be removed. >> >> no, online resize is completely normal and supported. >> >> >> >> > > -- > You received this message because you are subscribed to the Google Groups > "qubes-users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to qubes-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/qubes-users/CAPzH-qB-p_Q3kCn7kGUE8F4%3DBsn4 > mPPrmU-w76NO0B2L7fYFaQ%40mail.gmail.com. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5EB0693B02A100038B7E%40gwsmtp.uni-regensburg.de.
Re: [qubes-users] Dividing Qubes Into Separate Networks (FAILED)
> You seem to have taken offence at a comment not made by me. My bad. I lost track who said what. > Now we know that Fedora live connects to the VLAN port - what > configuration was required? (I leave open the possibility that > Fedora > live implements some autoconfiguration not included in the basic Fedora > template) No configuration was required. On DHCP it just automatically worked. I switched over to manual config, assigned a different IP and once again it just worked. I copied the config file out from th network scripts and tried implementing the same on the pentest-gw > Have you made the same configuration in your pentest-gw? I tried the same settings in the pentests-gw that I gaterhered from the liveboot and made no difference. > What do the logs say? (In Qubes and on switch.) SWITCH LOGS: May 4 14:56:25 UBNT daemon.notice switch: TRAPMGR: Link Up: 0/6 May 4 14:56:25 UBNT daemon.info switch: DOT1S: Port (6) inst(0) role changing from ROLE_DISABLED to ROLE_DESIGNATED PENTEST-GW LOGS: May 04 14:55:46 pentest-gw systemd[559]: Started Mark boot as successful after the user session has run 2 minutes. May 04 14:55:46 pentest-gw systemd[559]: Reached target Paths. May 04 14:55:46 pentest-gw systemd[559]: Reached target Timers. May 04 14:55:46 pentest-gw systemd[559]: Starting D-Bus User Message Bus Socket. May 04 14:55:46 pentest-gw systemd[559]: Listening on Multimedia System. May 04 14:55:46 pentest-gw systemd[559]: Condition check resulted in Sound System being skipped. May 04 14:55:46 pentest-gw systemd[559]: Listening on D-Bus User Message Bus Socket. May 04 14:55:46 pentest-gw systemd[559]: Reached target Sockets. May 04 14:55:46 pentest-gw systemd[559]: Reached target Basic System. May 04 14:55:46 pentest-gw systemd[559]: Reached target Main User Target. May 04 14:55:46 pentest-gw systemd[559]: Startup finished in 175ms. May 04 14:55:48 pentest-gw systemd[559]: Starting D-Bus User Message Bus... May 04 14:55:48 pentest-gw dbus-broker-launch[711]: Service file '/usr/share/dbus-1/services/org.gnome.evolution.dataserver.Calendar.service' is not named after the D-Bus name 'org.gnome.evolution.dataserver.Calendar8'. May 04 14:55:48 pentest-gw dbus-broker-launch[711]: Service file '/usr/share/dbus-1/services/org.gnome.evolution.dataserver.AddressBook.service' is not named after the D-Bus name 'org.gnome.evolution.dataserver.AddressBook10'. May 04 14:55:48 pentest-gw dbus-broker-launch[711]: Service file '/usr/share/dbus-1/services/org.gnome.evolution.dataserver.UserPrompter.service' is not named after the D-Bus name 'org.gnome.evolution.dataserver.UserPrompter0'. May 04 14:55:48 pentest-gw dbus-broker-launch[711]: Service file '/usr/share/dbus-1/services/org.freedesktop.mate.Notifications.service' is not named after the D-Bus name 'org.freedesktop.Notifications'. May 04 14:55:48 pentest-gw dbus-broker-launch[711]: Service file '/usr/share/dbus-1/services/org.gnome.evolution.dataserver.Sources.service' is not named after the D-Bus name 'org.gnome.evolution.dataserver.Sources5'. May 04 14:55:48 pentest-gw dbus-broker-launch[711]: Policy to allow eavesdropping in /usr/share/dbus-1/session.conf +31: Eavesdropping is deprecated and ignored May 04 14:55:48 pentest-gw dbus-broker-launch[711]: Policy to allow eavesdropping in /usr/share/dbus-1/session.conf +33: Eavesdropping is deprecated and ignored May 04 14:55:48 pentest-gw systemd[559]: Started D-Bus User Message Bus. May 04 14:55:48 pentest-gw dbus-broker-lau[711]: Ready May 04 14:55:48 pentest-gw systemd[559]: Starting Tracker metadata database store and lookup manager... May 04 14:55:48 pentest-gw systemd[559]: Starting Virtual filesystem service... May 04 14:55:48 pentest-gw systemd[559]: Started Virtual filesystem service. May 04 14:55:48 pentest-gw systemd[559]: Started Tracker metadata database store and lookup manager. May 04 14:55:48 pentest-gw systemd[559]: Created slice dbus\x2d:1.2\x2dca.desrt.dconf.slice. May 04 14:55:48 pentest-gw systemd[559]: Started dbus-:1.2-ca.desrt.dconf@0.service. May 04 14:55:48 pentest-gw pulseaudio[729]: vchan module loading May 04 14:55:48 pentest-gw pulseaudio[729]: using domid: 0 May 04 14:55:48 pentest-gw pulseaudio[729]: play libvchan_fd_for_select=19, ctrl=0x57995005aa40 May 04 14:55:48 pentest-gw pulseaudio[729]: rec libvchan_fd_for_select=23, ctrl=0x57995005abe0 May 04 14:55:48 pentest-gw pulseaudio[729]: sink cork req state =1, now state=-2 May 04 14:55:48 pentest-gw pulseaudio[729]: source cork req state =1, now state=-2 May 04 14:55:48 pentest-gw pulseaudio[729]: module-rescue-stream is obsolete and should no longer be loaded. Please remove it from your configuration. May 04 14:55:49 pentest-gw systemd[559]: Starting Accessibility services bus... May 04 14:55:49 pentest-gw systemd[559]: Started Accessibility services bus. May 04 14:55:49 pentest-gw at-spi-bus-launcher[816]: Policy to allow eavesdropping in /usr/share/defaults/at-spi2/accessibility.conf +15: E
Re: [qubes-users] How To Set Up Traffic Mirroring To Security Onion
Does anyone have some creative ideas how I could mirror all traffic on this subnet into the SecurityOnion HVM? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/u1duhVe3EcbDxwOOElvchdWDfAPGGz0iLk8xRxhyf5PdzM62Zt6_ZD-TgDz3jfQZFmCrZnLpQyYjsP415CUwaswc9hHFTq4DDSeMNctMVGc%3D%40protonmail.com. publickey - letmereadit@protonmail.com - 0xEE010E73.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature
Re: [qubes-users] Me (anon-whonix AppVM) -> Tor -> VPN, settup with Mullvad VPN
Frank: >> >> unman: On Sun, May 03, 2020 at 08:01:59AM +, taran1s wrote: >> What you have built (in packet terms) is: >> me - Tor - VPN - target. >> >> What you seem to want is: >> me - VPN - Tor - target >> >> To do that you need to build the VPN traffic and send it down a Tor >> circuit. >> Your Qubes network configuration should be: >> client - VPN qube - Tor qube - sys-firewall - sys-net >> >> I have no idea if Whonix will let you do this. >> >> unman >> > > Ah, omg I see. I thought about it in regards of seeing other AppVMs like > sys-whonix -> sys-firewall -> sys-net. I am not experienced in > networking and so just followed the logic of whats first gets first. But > now I see that packet wise, it is vice versa. It is a bit confusing for > me, but if it is working, I will be more than happy :) > > So if I understand it properly, I set the networking of the AppVMs > following way: > > anon-whonix -> VPN-AppVM -> sys-whonix -> clearnet. In this case I use > tor first, exit from tor-exit-node to the VPN and than exit from VPN to > clearnet. Am I right? > I tried the setup, but in this case the the VPN proxy doesn't go to Link UP and TB in anon-whonix isn't connected to the internet. Any ideas? BTW I downloaded the default UDP setting package from mullvadVPN as Chris mentioned. I know that tor is using TCP only. Could this be an issue with this setup and I should get the TCP package instead of UDP? >>> Yes. Your UDP traffic wont go through Tor. >>> You need a TCP VPN to route through Tor. >>> >>> unman >>> >> >> I downloaded the TCP port 443 (there is also TCP port 80?) file from >> Mullvad and tried to go through, but the VPN Proxy AppVM cycles with >> 'Ready to start link' only and never goes to the 'Link is UP'. >> >> Maybe there is something in the script from Chris that doesn't cooperate >> with the whonix setup and something needs to be adjusted for this model >> of connecting to VPN after Tor. But no idea what it could be.I am >> unfortunately not able to check the script itself as I am not a programmer.. > > What exactly are you trying to accomplish with this kind of set-up? If you > want to stay anonymous, your connection through the VPN should accomplish > that already (if you make sure your browser doesn’t contain any information > that can be traced back to you) and if not (because you didn’t pay with > Bitcoin or cash and there is a possible paper-trail back to your person from > your mullvad VPN account number) then using it through Tor doesn’t help > either. > > Maybe I am missing something here and I would love to be enlightened if that > is the case... > > Regards, Frank > As I mentioned, I would like to use Tor before VPN to be able to connect to the tor-unfriendly services like kraken.com. VPN itself is not anonymous and so connect to the VPN from the Tor exit node helps. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e0d02f08-f3ea-1eea-db71-edf8ff2598dd%40mailbox.org. 0xA664B90BD3BE59B3.asc Description: application/pgp-keys
[qubes-users] disp vm template not working in fedora 31
Hello, I hope someone can help with this. I have a modified fedora 31 template which I want to use as a disposable VM. I have done this: Created a app vm called my-dvm based on my-f31-template using the qubes manager In the dom0 terminal: qvm-prefs my-dvm template_for_dispvms True qvm-features my-dvm appmenus-dispvm 1 There are no error messages but I dont get the 'Disposable' entries in the start button menu. So I did this: qvm-appmenus --update --force my-dvm my-dvm: Creating appmenus Traceback (most recent call last): File "/usr/bin/qvm-appmenus", line 9, in load_entry_point('qubesdesktop==4.0.20', 'console_scripts', 'qvm-appmenus')() File "/usr/lib/python3.5/site-packages/qubesappmenus/__init__.py", line 644, in main appmenus.appmenus_update(vm, force=args.force) File "/usr/lib/python3.5/site-packages/qubesappmenus/__init__.py", line 541, in appmenus_update self.appmenus_create(vm, force=force, refresh_cache=False) File "/usr/lib/python3.5/site-packages/qubesappmenus/__init__.py", line 256, in appmenus_create dispvm): File "/usr/lib/python3.5/site-packages/qubesappmenus/__init__.py", line 140, in write_desktop_file raise DispvmNotSupportedError() qubesappmenus.DispvmNotSupportedError: Creating Disposable VM menu entries not supported by this template How can I fix this? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2e613fe0-682d-4548-b138-a5012752372a%40googlegroups.com.
[qubes-users] Arch Linux templates and repo
Evening all, It's possible to build arch templates using qubes builder. Simply select archlinux as a target in ./setup, run make get-sources, make qubes-vm, and make template. If you are not sure about building for yourself, or don't have time, I've decided to make pre-built arch templates available, as well as hosting arch repositories. You can download the pre-built template from https://qubes.3isec.org/Templates All my templates, packages and repositories are signed with my Qubes Signing key - you can get this from any keyserver. You should check this against other sources - the Qubes-Users mailing list, [GitHub](https://github.com/unman/unman/blob/master/gpg-keys.asc), maybe another keyserver over Tor. You should do something like this, in a Fedora disposableVM: Download the arch template from https://qubes.3isec.org/Templates Once you have downloaded and confirmed my "Qubes OS signing key", add it to your rpm keyring: `sudo rpm --import ` Check the signature on the template: `rpm -K ` If all is well you will see "digests signatures OK" Once you are satisfied, install the Template. To do this you will need to copy it to dom0. In dom0 run: `qvm-run -p 'cat ' > archtemplate` Then install, in dom0 : `sudo dnf install archtemplate` I'll be hosting an arch repository with packages for 4.0 and 4.1, but it's not completed testing yet. I'll let you know when it's ready for use, probably tomorrow. Bear in mind that using these templates and packages, you trust me to do the right thing. Naturally, anyone can inspect the contents of the template package, the installed template, and qubes packages, to check that all is fine. cheers unman -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20200504123428.GF29542%40thirdeyesecurity.org.
Re: [qubes-users] Constant firefox crashes because of Qubes shared memory
marmarek advised me on irc to add more shared memory: mount /dev/shm -o remount,size=10G and it seems to work. 10G is close to half of that VM's RAM. Qubes was assigning only 1G previously. Cheers, Zbigniew On Mon, Apr 27, 2020 at 9:19 PM Zbigniew Łukasiak wrote: > > I am running fedora-30 in an App-VM (not disposable) and I also > experience the crashes. Not only Firefox, Opera also crashes, while > Slack app and Thunderbird which also run all the time don't. I > thought this is because of not enough RAM - but out of frustration I > assigned 23GB to that machine and it did not help, also top reports > 10GB free memory now. > > In the past I also used Debian and I had those crashes too. > > -- > ZŁ > > > On Mon, Apr 27, 2020 at 1:44 PM donoban wrote: > > > > -BEGIN PGP SIGNED MESSAGE- > > Hash: SHA256 > > > > On 2020-04-25 03:00, Guerlan wrote: > > > I started having constant firefox crashes on my debian9 Qube. I > > > sent the crash reports to firefox and the said that the problem > > > occurs because of the shared memory configuration of Qubes, but he > > > don't know how it's configured. > > > > > > Can somebody help me fixing this? How can I enlarge the shared > > > memory? > > > > > > > I am running fedora-30 and never had this kind of crash with firefox. > > My AppVms mostly have default 400MB/4000MB and some even less max > > limit. Maybe is it related to debian-9? Could you test debian-10? > > -BEGIN PGP SIGNATURE- > > > > iQIzBAEBCAAdFiEEznLCgPSfWTT+LPrmFBMQ2OPtCKUFAl6mxaUACgkQFBMQ2OPt > > CKWONg/8DxzS1fwOIBIbCarULt8buq7tAtFa5pl6gUF2sL9hn6Uboz53TJsf1e8g > > N75pqb5JjFRaZTf2gGwYkTeAo/HFyWxdEZWRprmWcW/0iLHaB86KzxDRXDaREmEs > > AWtZTbH7u6lTBx2U3YhPlW3YvBArMeqvdVY3SRIEk3Dl8c/snzMlQ0BQRwAazhmH > > IoRy2jeSAEvG0U0CXbEdxRmqt5ck9mFCndPZTfCxPoBup02B1QhwjfMZmCh14F0/ > > zHaUZrHszUtVq5iAj6qe2x/PjY5NsAa15cOlM8I1h672vMxEJdv0WzWEYSdwhzEb > > i6p/NwtsoeI35DJInedbAk+Z7gTypanqSU23dS9Y77ox7OY+MPuSd+OMNRm+RSl7 > > 7EVJo+ABg2SoUiX1ESb8Py4zH1jF0EFFOraPbr/N9QppgWVblVBXkW8hAbgwJk6t > > UoZJo0lHGbDHMj7TTfaU1nhvfwOmoYfiq/oTbs/+mamztUwYjI+jryOOBH+3JgXv > > MreOm0YH0jsLTMwjVfmxv4zmaSoA7mTwt6gCOpoamq4j9P3onVNgMmo0xcvmTxV0 > > ReT5BPB1bASPH0vC7Kw+lfZndK/gYrptWAYjuw2Fo/jsh8z4zMUv9ppGe6TFu5kO > > mnVCBrjP5/ljNtGSYvxUNdzI7L7f3Wn3kOJTcfQfilTyzcdosGk= > > =+tb9 > > -END PGP SIGNATURE- > > > > -- > > You received this message because you are subscribed to the Google Groups > > "qubes-users" group. > > To unsubscribe from this group and stop receiving emails from it, send an > > email to qubes-users+unsubscr...@googlegroups.com. > > To view this discussion on the web visit > > https://groups.google.com/d/msgid/qubes-users/1670d4bb-ea5b-0ea3-f72e-4284eff9b521%40riseup.net. > > > > -- > Zbigniew Lukasiak > https://medium.com/@zby > http://brudnopis.blogspot.com/ -- Zbigniew Lukasiak https://medium.com/@zby http://brudnopis.blogspot.com/ -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAGL_UUtUxkCeqF2xj8Fud5Fwj7dfT5GanOYhxmRx6ESonBy3FA%40mail.gmail.com.
Re: [qubes-users] Re: disp-vm whonix torbrowser open tabs file?
”l have a whonix disposable tor browser whonix vm running with a load of tabs open, maybe 30 but I can't check the precise amount because the tabs don't scroll anymore. “ Consider creating a clone of Whonix Template QUBE, make all your Tabs Favorites. Used to be an option in Firefox to open all favorites. Or there is an option of what to start when starting Firefox. Save this template clone for the specific use of having this group of Tabs a a available all at once. ”The browser hangs.” Perhaps increase the memory allocation for the QUBE that has all the Tabs “As soon as I close the browser my tabs will be gone and I don't like to lose them. I think there must be a session.json file but that seems to be created only when the browser closes, and this will close the VM automatically, so even if a restore file with tabs in it is created, it will be gone upon closure of the browser. I can access the file system from within dom0 and could copy any file that I need. Is there any place where whonix tor browser stores its currently open tabs? Thanks ahead. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e4ab08ee-0ed4-4089-9427-86850a35c9ea%40googlegroups.com.
[qubes-users] Re: Erste deutsche Rezension von Qubes OS auf Youtube
A rather good first introduction to the basic concepts of Qubes OS! I hope this helps spreading the word about Qubes in the DACH countries. In Germany, we desparately need a secure basis for IT in many areas where government and firms currently are using Windows - contrary to privacy protection laws, and contrary to common sense - see Emotet. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/8c98f91b-eec7-465e-8b1d-381ad2ea9717%40googlegroups.com.
Re: [qubes-users] Re: disp-vm whonix torbrowser open tabs file?
On Mon, May 04, 2020 at 12:32:39PM +0100, unman wrote: > On Sun, May 03, 2020 at 11:35:21PM -0700, list.w...@gmail.com wrote: > > Actually, I guess it would be fine if there would be a procedure with which > > I can close down the disposable browser without the disp-vm automatically > > closing. > > Then there will, probably, be a session.json file made which I then can > > copy to another VM. > > > > > > > > > > On Monday, May 4, 2020 at 2:30:31 AM UTC, list...@gmail.com wrote: > > > > > > Hello qubes users, > > > > > > I have a whonix disposable tor browser whonix vm running with a load of > > > tabs open, maybe 30 but I can't check the precise amount because the tabs > > > don't scroll anymore. > > > The browser hangs. > > > As soon as I close the browser my tabs will be gone and I don't like to > > > lose them. > > > I think there must be a session.json file but that seems to be created > > > only when the browser closes, and this will close the VM automatically, > > > so > > > even if a restore file with tabs in it is created, it will be gone upon > > > closure of the browser. > > > I can access the file system from within dom0 and could copy any file > > > that > > > I need. > > > > > > Is there any place where whonix tor browser stores its *currently open* > > > *tabs*? > > > > > > Thanks ahead. > > > > > The convention here is not to top-post. > Please scroll to the bottom of the message before you start typing. Or > reply inline. > It only takes you seconds, makes it much easier to follow threads, and > cumulatively saves your fellow users hours. > Thanks. > > In FF, I think that the data is in sessionstore-backups. Have a look > there. > You may do better asking on the Whonix lists, as I believe they > customize the TBB somewhat. > > unman > Actually, since TBB wont remember history or site data, I dont think that data is stored anywhere. (Unless i misremember, the Update reloads open tabs, not by reading from existing stored data, but by storing that data itself.) -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20200504115832.GE29542%40thirdeyesecurity.org.
Re: [qubes-users] Re: disp-vm whonix torbrowser open tabs file?
On Sun, May 03, 2020 at 11:35:21PM -0700, list.w...@gmail.com wrote: > Actually, I guess it would be fine if there would be a procedure with which > I can close down the disposable browser without the disp-vm automatically > closing. > Then there will, probably, be a session.json file made which I then can > copy to another VM. > > > > > On Monday, May 4, 2020 at 2:30:31 AM UTC, list...@gmail.com wrote: > > > > Hello qubes users, > > > > I have a whonix disposable tor browser whonix vm running with a load of > > tabs open, maybe 30 but I can't check the precise amount because the tabs > > don't scroll anymore. > > The browser hangs. > > As soon as I close the browser my tabs will be gone and I don't like to > > lose them. > > I think there must be a session.json file but that seems to be created > > only when the browser closes, and this will close the VM automatically, so > > even if a restore file with tabs in it is created, it will be gone upon > > closure of the browser. > > I can access the file system from within dom0 and could copy any file that > > I need. > > > > Is there any place where whonix tor browser stores its *currently open* > > *tabs*? > > > > Thanks ahead. > > The convention here is not to top-post. Please scroll to the bottom of the message before you start typing. Or reply inline. It only takes you seconds, makes it much easier to follow threads, and cumulatively saves your fellow users hours. Thanks. In FF, I think that the data is in sessionstore-backups. Have a look there. You may do better asking on the Whonix lists, as I believe they customize the TBB somewhat. unman -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20200504113239.GD29542%40thirdeyesecurity.org.
Re: [qubes-users] Dividing Qubes Into Separate Networks (FAILED)
On Mon, May 04, 2020 at 02:00:00AM +, Zsolt Bicskey wrote: > > > > > Set the VLAN correctly? > > > > > yes, as I said if I connect a Windows latptop it works right away > > > > > Set all parameters necessary to satisfy any port security on the > > > > > switch? > > > > > Yes, same answer as above > > > > > > > actualy, those are not "answers" at all. > > > there is nothing in this description confirming you know how to > > > configure a network interface under linux. > > My apologies unman that I am not a Linux poweruser. I have only been using it > casually for the past 20 years. I have yet to run into a situation where I > was not able to configure my network on any SUSE/Slackware, Debian or RHEL > based systems. The reason I came here is to get help, not to be reminded what > I do not understand or know about networking. > > > > > since you confirmed the second port is working in general, this > > > is unlikely to be a qubes problem. > > > may be a whatever-your-netvm-distro-is problem. > > > or more likely, a configuration problem. > > > try booting whatever the distro in your netvm is off a USB stick > > > or dvd (== without xen involved), and get the right network > > > interface to work on the right port with that. > > > then copy over the interface configuration to your netvm. > > > > > So my understanding is that it would not solve the DHCP settings but if I > were to try manually setting it then Fedora stores the settings in > /etc/sysconfig/network-scripts/ifcfg-Wired_connection_# which is not a > permanent location in Qubes so I'd lose it with every reboot. > > > And just to be really sure everything is working on the machine I tested all > interfaces with manual and DHCP settings with the Live boot Fedora and > everything was working. > > > Can someone please try to help me solve this issue? Everything in line after > Qubes is 100% working as designed. There is someting with the Qubes gateway > that I am goofing up and I cannot find what is wrong. You seem to have taken offence at a comment not made by me. I *do* endorse the statement that your replies were not answers. The question isn't whether you have correctly configured VLAN on the port, but whether you have configured the interface correctly. Saying that a Windows laptop can connect is irrelevant to that point. Now we know that Fedora live connects to the VLAN port - what configuration was required? (I leave open the possibility that Fedora live implements some autoconfiguration not included in the basic Fedora template) Have you made the same configuration in your pentest-gw? What do the logs say? (In Qubes and on switch.) -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20200504112429.GC29542%40thirdeyesecurity.org.
[qubes-users] disp-vm whonix torbrowser open tabs file?
Would it work to create a clone of whonix template QUBE. Then create the tabs you want, save that before you do anything that might leave Malware in this template? Perhaps increase the memory allocation for this QUBE with the hope of the many TABs causing a hang. Another option is to make all those tabs Favorites. There used to be an option in Firefox to open all Favorites. But I do not know if or how that is implemented in QUBEs Firefox. Consult Firefox help. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a0059878-a413-43d9-8696-a6900fe30ca7%40googlegroups.com.
Re: [qubes-users] Re: disp-vm whonix torbrowser open tabs file?
On 5/4/20 7:35 AM, list.w...@gmail.com wrote: Actually, I guess it would be fine if there would be a procedure with which I can close down the disposable browser without the disp-vm automatically closing. Then there will, probably, be a session.json file made which I then can copy to another VM. On Monday, May 4, 2020 at 2:30:31 AM UTC, list...@gmail.com wrote: Hello qubes users, I have a whonix disposable tor browser whonix vm running with a load of tabs open, maybe 30 but I can't check the precise amount because the tabs don't scroll anymore. The browser hangs. As soon as I close the browser my tabs will be gone and I don't like to lose them. I think there must be a session.json file but that seems to be created only when the browser closes, and this will close the VM automatically, so even if a restore file with tabs in it is created, it will be gone upon closure of the browser. I can access the file system from within dom0 and could copy any file that I need. Is there any place where whonix tor browser stores its *currently open* *tabs*? Thanks ahead. Start a terminal in a dispVM, then use the command line to start the browser. You can stop and start the browser whenever you want. The dispVM will stay running until you close the terminal. Mike. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5b6192cb-a03c-b34e-3876-3705bede6fdf%40keehan.net.
Re: [qubes-users] Re: Shoshana Zuboff and Renata ??vila: ???COVID-1984 ??? Surveillance Capitalism???
On Sun, May 03, 2020 at 09:46:55PM -0700, list.w...@gmail.com wrote: > Trust me on this if you have no time to research it for yourself. > > *If* you have *no* hyperinsulinemia--in other words, you're no type 1 or 2 > diabetic, *and* you're not pre-diabetic (that is fasting blood glucose > 5.5-6.9 mmol/l) *and* you're not pre-pre-diabetic (that is Kraft Insulin > Assay Test: blood insulin above 700 pmol/l)--*and* you are sufficient in > vitamin D3 (bloodlevel > 100 nmol/l) *then* you are at practically *zero > risk* for contracting more than *mild* COVID-19 symptoms. > > Just saying. > I don't trust you. Evidence?(But NOT HERE on the list) -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20200504110057.GB29542%40thirdeyesecurity.org.
Re: [qubes-users] Me (anon-whonix AppVM) -> Tor -> VPN, settup with Mullvad VPN
On Mon, May 04, 2020 at 05:59:03AM +, taran1s wrote: > > > > Yes. Your UDP traffic wont go through Tor. > > You need a TCP VPN to route through Tor. > > > > unman > > > > I downloaded the TCP port 443 (there is also TCP port 80?) file from > Mullvad and tried to go through, but the VPN Proxy AppVM cycles with > 'Ready to start link' only and never goes to the 'Link is UP'. > > Maybe there is something in the script from Chris that doesn't cooperate > with the whonix setup and something needs to be adjusted for this model > of connecting to VPN after Tor. But no idea what it could be.I am > unfortunately not able to check the script itself as I am not a programmer.. I dont use that script or Whonix. I suspect that you might get more help on Whonix mailing lists. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20200504105657.GA29542%40thirdeyesecurity.org.
[qubes-users] Erste deutsche Rezension von Qubes OS auf Youtube
Liebe Freunde von Qubes OS, Es gibt gute Neuigkeiten, denn auf Youtube gibt es die erste Rezension von Qubes OS in deutscher Sprache. Auch wenn der Autor erst einmal nur einen Einstieg in die Thematik bietet, finde ich das Video trotzdem interessant. Link: _https://www.youtube.com/watch?v=ugEKW4Bdv2U_. Best Knut von Walter -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/388fbff9-a5c7-a92a-c5f1-f5a4fdfa6dad%40websecur.eu.
Re: [qubes-users] To the Qubes developers (German translation) - An die Qubes Entwickler (Übersetzung auf Deutsch)
Am 03.05.20 um 08:11 schrieb Caroline Villinger: > Hello dear Qubes developers, > > I would like to ask you whether we can translate the Qubes software into > German. > Would you be willing to give us all the files we need for the translation? > When we are done with the translation, we would send you the German version > so that you can install it in the Qubes software. > This means that the user can choose whether he wants to install the German > language or the English language when installing new software. > > If you agree, it would be very nice if you could give us an answer. > > greeting > Erwin > > > > > > > Hallo liebe Qubes Entwickler, > > ich möchte euch fragen, ob wir die Software Qubes in deutsche Sprache > übersetzen können. > Wärst du bereit uns alle Dateien zu geben, die wir für die Übersetzung > benötigen? > Wenn wir fertig sind, mit der Übersetzung würden wir dir die deutsche > Version zusenden, so dass Ihr es in der Qubes Software mit einbauen könnt. > Somit kann der User bei neu Installation wählen, ob er die deutsche Sprache > oder die englische Sprache installieren möchte. > > Wenn du damit einverstanden bist, wäre es sehr schön, wenn du uns eine > Antwort geben kannst. > > Gruß > Erwin > Hello, I don't know about the translation or language settings of the software/graphical user interface. However, the website shall be translated but there is some preparation missing. If done, translations will happen via the platform "Transifex". We'll inform you via the mailing list "qubes-translation". We look forward to every translator. Thank you! Kind regards Tobias Killer == Hallo, zur Übersetzung oder Spracheinstellung der Software/graphischen Benutzeroberfläche weiß ich nichts zu sagen. Der Webauftritt soll aber mal übersetzt werden, es fehlen aber noch ein paar Vorbereitungen hierzu. Übersetzt wird dann über die Plattform „Transifex“. Über die Mailing-Liste „qubes-translation“ geben wir dann Bescheid. Wir freuen uns auf jeden Übersetzer. Danke! Mit freundlichen Grüßen Tobias Killer -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/bf39e72f-d68c-d40c-1eca-92d928eee1ac%40posteo.de. signature.asc Description: OpenPGP digital signature
Re: [qubes-users] Dividing Qubes Into Separate Networks (FAILED)
> My apologies unman that I am not a Linux poweruser. I have only been using it > casually for the past 20 years. I have yet to run into a situation where I > was not able to configure my network on any SUSE/Slackware, Debian or RHEL > based systems. The reason I came here is to get help, not to be reminded what > I do not understand or know about networking. You got that response because of the terse replys to Unmans ask for more information. Had you been a little more forthcoming, we might have a solution. > So my understanding is that it would not solve the DHCP settings but > if I were to try manually setting it then Fedora stores the settings > in /etc/sysconfig/network-scripts/ifcfg-Wired_connection_# which is > not a permanent location in Qubes so I'd lose it with every reboot. These settings are re-written at each reboot. However, network manager is not (see /rw/config/NM-system-connections). Try configuring it from network manager (nmcli or nm-connection-editor). Also ensure that things such as link speed negotiation, MTU and MAC address (if you are using port security) are correct. All of the above are in pentest-gw, which I assume is a clone of sys-net. What you are doing is absolutely possible in Qubes. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/bcb16c5c-5eb7-3da1-e4d5-75f8fd9f6ff3%40undef.tools.